Search

Expected end of text, found '.' (at char 34), (line:1, col:35)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329724 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-4392 2 Automattic, Wordpress 2 Jetpack, Wordpress 2026-01-22 6.4 Medium
The Jetpack – WP Security, Backup, Speed, & Growth plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpvideo shortcode in all versions up to, and including, 13.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVE-2023-47774 2 Automattic, Wordpress 2 Jetpack, Wordpress 2026-01-22 5.4 Medium
Improper Restriction of Rendered UI Layers or Frames vulnerability in Automattic Jetpack allows Clickjacking.This issue affects Jetpack: from n/a before 12.7.
CVE-2025-39482 1 Imithemes 1 Eventer 2026-01-22 4.3 Medium
Missing Authorization vulnerability in imithemes Eventer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Eventer: from n/a before 3.11.4.
CVE-2025-39481 1 Imithemes 1 Eventer 2026-01-22 9.3 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in imithemes Eventer allows Blind SQL Injection.This issue affects Eventer: from n/a before 3.11.4.
CVE-2025-5009 2 Apple, Google 2 Ios, Gemini 2026-01-22 N/A
In Gemini iOS, when a user shared a snippet of a conversation, it would share the entire conversation via a sharable public link that contained the entire conversation history and not just the snippet.
CVE-2024-3727 1 Redhat 18 Acm, Advanced Cluster Security, Ansible Automation Platform and 15 more 2026-01-22 8.3 High
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
CVE-2025-39483 2 Imithemes, Wordpress 2 Eventer, Wordpress 2026-01-22 6.5 Medium
Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer allows Code Injection.This issue affects Eventer: from n/a before 3.9.9.1.
CVE-2024-53252 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53251 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53250 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53249 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53248 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45743 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45742 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45730 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45729 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45728 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45727 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45726 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45725 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.